FEDORA-2018-04f6056c42 created by remi 2 years ago for Fedora 27
stable

PHP version 7.1.17 (26 Apr 2018)

Date:

  • Fixed bug #76131 (mismatch arginfo for date_create). (carusogabriel)

Exif:

  • Fixed bug #76130 (Heap Buffer Overflow (READ: 1786) in exif_iif_add_value). (Stas)

FPM:

  • Fixed bug #68440 (ERROR: failed to reload: execvp() failed: Argument list too long). (Jacob Hipps)
  • Fixed incorrect write to getenv result in FPM reload. (Jakub Zelenka)

GD:

  • Fixed bug #52070 (imagedashedline() - dashed line sometimes is not visible). (cmb)

iconv:

  • Fixed bug #76249 (stream filter convert.iconv leads to infinite loop on invalid sequence). (Stas)

intl:

  • Fixed bug #76153 (Intl compilation fails with icu4c 61.1). (Anatol)

ldap:

  • Fixed bug #76248 (Malicious LDAP-Server Response causes Crash). (Stas)

mbstring:

  • Fixed bug #75944 (Wrong cp1251 detection). (dmk001)
  • Fixed bug #76113 (mbstring does not build with Oniguruma 6.8.1). (chrullrich, cmb)

Phar:

  • Fixed bug #76129 (fix for CVE-2018-5712 may not be complete). (Stas)

phpdbg:

  • Fixed bug #76143 (Memory corruption: arbitrary NUL overwrite). (Laruence)

SPL:

  • Fixed bug #76131 (mismatch arginfo for splarray constructor). (carusogabriel)

standard:

  • Fixed bug #75996 (incorrect url in header for mt_rand). (tatarbj)

How to install

sudo dnf upgrade --advisory=FEDORA-2018-04f6056c42

This update has been submitted for testing by remi.

2 years ago

This update has been pushed to testing.

2 years ago
User Icon filiperosset commented & provided feedback 2 years ago
karma

no regressions noted

remi edited this update.

2 years ago

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

2 years ago

This update has been submitted for batched by remi.

2 years ago

This update has been submitted for stable by remi.

2 years ago

This update has been pushed to stable.

2 years ago

Please login to add feedback.

Metadata
Type
security
Karma
1
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago
modified
2 years ago
BZ#1573797 CVE-2018-10549 php: Out-of-bounds read in ext/exif/exif.c:exif_read_data() when reading crafted JPEG data
0
0
BZ#1573802 CVE-2018-10546 php: Infinite loop in ext/iconv/iconv.c when using stream filter with convert.incov on invalid sequence leads to denial-of-service
0
0
BZ#1573805 CVE-2018-10548 php: Null pointer dereference due to mishandling of ldap_get_dn return value allows denial-of-service by malicious LDAP server or man-in-the-middle attacker
0
0
BZ#1573814 CVE-2018-10547 php: Reflected XSS vulnerability on PHAR 403 and 404 error pages
0
0
BZ#1573816 CVE-2018-10546 CVE-2018-10547 CVE-2018-10548 CVE-2018-10549 php: various flaws [fedora-all]
0
0

Automated Test Results